#4455 user-add fails when --user-auth-type is filled
Closed: Fixed None Opened 6 years ago by mkosek.

As reported in Luc's blog, adding user with OTP auth type does not work:

# ipa user-add hwurst --first="Hans" --last="Wurst" --user-auth-type=otp
ipa: ERROR: attribute "ipaUserAuthType" not allowed

On the other hand, user-mod works fine:

# ipa user-add hwurst --first="Hans" --last="Wurst"
# ipa user-mod hwurst --user-auth-type=otp
----------------------
Modified user "hwurst"
----------------------
  User login: hwurst
  First name: Hans
  Last name: Wurst
  Home directory: /home/hwurst
  Login shell: /bin/sh
  Email address: hwurst@mkosek-fedora20.test
  UID: 1327800030
  GID: 1327800030
  Account disabled: False
  User authentication types: otp
  Password: False
  Member of groups: ipausers
  Kerberos keys available: False

It looks like user-add not adding all needed objectclass in the precallback.


Should be an easy fix.

master:

  • e26b3e1 Ensure ipaUserAuthTypeClass when needed on user creation

ipa-4-1:

  • 480512f Ensure ipaUserAuthTypeClass when needed on user creation

ipa-4-0:

  • 4200af9 Ensure ipaUserAuthTypeClass when needed on user creation

Metadata Update from @mkosek:
- Issue assigned to npmccallum
- Issue set to the milestone: FreeIPA 4.0.2

4 years ago

Login to comment on this ticket.

Metadata